    libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() · fae2a637
    John Garry authored
    Currently smatch warns of a possible Spectre-V1 issue in ahci_led_store():
    drivers/ata/libahci.c:1150 ahci_led_store() warn: potential spectre issue 'pp->em_priv' (local cap)
    
    Userspace controls @pmp from the following call chain:
    em_message->store()
    ->ata_scsi_em_message_store()
    -->ap->ops->em_store()
    --->ahci_led_store()
    
    After the mask+shift @pmp is effectively an 8b value, which is used to
    index into an array of length 8, so sanitize the array index.
    Signed-off-by: John Garry <john.garry@huawei.com>
    Signed-off-by: Tejun Heo <tj@kernel.org>
libahci.c 67.6 KB
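The index sanitization the commit message describes, as an added userspace sketch that is not the kernel's or the patch's own code. The names `index_mask`, `index_nospec`, `led_lookup`, `slot_table`, `SLOTS` and `PMP_MASK` are hypothetical, and the bit layout (slot number in bits 15:8) is an assumption based on the "8b value" wording above.

```c
#include <limits.h>

#define SLOTS    8u            /* array length stated in the commit message */
#define PMP_MASK 0x0000ff00u   /* assumed layout: bits 15:8 carry the slot number */

/* All-ones when index < size, zero otherwise, computed without a branch so
 * the result does not depend on branch prediction. Relies on arithmetic
 * right shift of a negative signed long (true for GCC and Clang). */
static unsigned long index_mask(unsigned long index, unsigned long size)
{
    return (unsigned long)(~(long)(index | (size - 1UL - index))
                           >> (sizeof(long) * CHAR_BIT - 1));
}

/* Clamp an index: in-range values pass through, out-of-range values
 * become 0, so a mispredicted bounds check cannot load past the array. */
static unsigned long index_nospec(unsigned long index, unsigned long size)
{
    return index & index_mask(index, size);
}

/* Constructed sample data standing in for the per-slot private state. */
static int slot_table[SLOTS] = { 10, 11, 12, 13, 14, 15, 16, 17 };

/* Hypothetical stand-in for the store path: returns the slot's value,
 * or -1 when the user-supplied state names a slot past the array. */
static int led_lookup(unsigned int state)
{
    unsigned long pmp = (state & PMP_MASK) >> 8;   /* 0..255 after mask+shift */

    if (pmp >= SLOTS)                 /* architectural bounds check */
        return -1;
    pmp = index_nospec(pmp, SLOTS);   /* clamp for the speculative path */
    return slot_table[pmp];
}
```

The bounds check alone is correct architecturally; the clamp matters only while the CPU is executing past a mispredicted check, which is the case smatch flags.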